Security is often described as a continuum between convenience and safety. A system that requires ten layers of authentication may be very difficult to attack, but it may also be so inconvenient that it will never be used. At the opposite end, a system with no means of authentication or authorization is highly convenient for users but also highly insecure. Biometric authentication holds the possibility of creating security systems that are both strong and convenient. For example, swiping a fingerprint reader and staring into a camera are convenient actions for a user that are also difficult for malicious actors to fake. However, malicious actors are nothing if not persistent, and a variety of methods of faking biometric authentication methods have emerged. In some instances, attackers may record an image of a user and later display the image to authenticate to the user's account via facial recognition systems.
Traditional systems for authenticating via facial recognition often have no safeguards against such attacks. Some traditional systems may perform checks to determine whether an image observed by the camera is a still image or a video, but these checks can be circumvented by recording and replaying a video of the user rather than an image. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems and methods for securely authenticating users via facial recognition.